You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by ec...@apache.org on 2017/04/21 14:52:35 UTC
[3/4] ambari git commit: AMBARI-20733. /var/log/krb5kdc.log is
growing rapidly on the KDC server (echekanskiy)
http://git-wip-us.apache.org/repos/asf/ambari/blob/712b3d21/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/webhcat_server.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/webhcat_server.py b/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/webhcat_server.py
index ca3b14d..da5e82b 100644
--- a/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/webhcat_server.py
+++ b/ambari-server/src/main/resources/common-services/HIVE/0.12.0.2.0/package/scripts/webhcat_server.py
@@ -83,73 +83,6 @@ class WebHCatServerDefault(WebHCatServer):
conf_select.select(params.stack_name, "hadoop", params.version)
stack_select.select("hive-webhcat", params.version)
- def security_status(self, env):
- import status_params
- env.set_params(status_params)
-
- if status_params.security_enabled:
- expectations ={}
- expectations.update(
- build_expectations(
- 'webhcat-site',
- {
- "templeton.kerberos.secret": "secret"
- },
- [
- "templeton.kerberos.keytab",
- "templeton.kerberos.principal"
- ],
- [
- "templeton.kerberos.keytab"
- ]
- )
- )
- expectations.update(
- build_expectations(
- 'hive-site',
- {
- "hive.server2.authentication": "KERBEROS",
- "hive.metastore.sasl.enabled": "true",
- "hive.security.authorization.enabled": "true"
- },
- None,
- None
- )
- )
-
- security_params = {}
- security_params.update(get_params_from_filesystem(status_params.webhcat_conf_dir,
- {'webhcat-site.xml': FILE_TYPE_XML}))
- result_issues = validate_security_config_properties(security_params, expectations)
- if not result_issues: # If all validations passed successfully
- try:
- # Double check the dict before calling execute
- if 'webhcat-site' not in security_params \
- or 'templeton.kerberos.keytab' not in security_params['webhcat-site'] \
- or 'templeton.kerberos.principal' not in security_params['webhcat-site']:
- self.put_structured_out({"securityState": "UNSECURED"})
- self.put_structured_out({"securityIssuesFound": "Keytab file or principal are not set property."})
- return
-
- cached_kinit_executor(status_params.kinit_path_local,
- status_params.webhcat_user,
- security_params['webhcat-site']['templeton.kerberos.keytab'],
- security_params['webhcat-site']['templeton.kerberos.principal'],
- status_params.hostname,
- status_params.tmp_dir)
- self.put_structured_out({"securityState": "SECURED_KERBEROS"})
- except Exception as e:
- self.put_structured_out({"securityState": "ERROR"})
- self.put_structured_out({"securityStateErrorInfo": str(e)})
- else:
- issues = []
- for cf in result_issues:
- issues.append("Configuration file %s did not pass the validation. Reason: %s" % (cf, result_issues[cf]))
- self.put_structured_out({"securityIssuesFound": ". ".join(issues)})
- self.put_structured_out({"securityState": "UNSECURED"})
- else:
- self.put_structured_out({"securityState": "UNSECURED"})
-
def get_log_folder(self):
import params
return params.hcat_log_dir
http://git-wip-us.apache.org/repos/asf/ambari/blob/712b3d21/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/package/scripts/kerberos_client.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/package/scripts/kerberos_client.py b/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/package/scripts/kerberos_client.py
index c50c67b..39fdcf5 100644
--- a/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/package/scripts/kerberos_client.py
+++ b/ambari-server/src/main/resources/common-services/KERBEROS/1.10.3-10/package/scripts/kerberos_client.py
@@ -43,27 +43,6 @@ class KerberosClient(KerberosScript):
def status(self, env):
raise ClientComponentHasNoStatus()
- def security_status(self, env):
- import status_params
- if status_params.security_enabled:
- if status_params.smoke_user and status_params.smoke_user_keytab:
- try:
- cached_kinit_executor(status_params.kinit_path_local,
- status_params.smoke_user,
- status_params.smoke_user_keytab,
- status_params.smoke_user_principal,
- status_params.hostname,
- status_params.tmp_dir)
- self.put_structured_out({"securityState": "SECURED_KERBEROS"})
- except Exception as e:
- self.put_structured_out({"securityState": "ERROR"})
- self.put_structured_out({"securityStateErrorInfo": str(e)})
- else:
- self.put_structured_out({"securityState": "UNKNOWN"})
- self.put_structured_out({"securityStateErrorInfo": "Missing smoke user credentials"})
- else:
- self.put_structured_out({"securityState": "UNSECURED"})
-
def set_keytab(self, env):
self.write_keytab_file()
http://git-wip-us.apache.org/repos/asf/ambari/blob/712b3d21/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/package/scripts/knox_gateway.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/package/scripts/knox_gateway.py b/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/package/scripts/knox_gateway.py
index 1917369..c91b394 100644
--- a/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/package/scripts/knox_gateway.py
+++ b/ambari-server/src/main/resources/common-services/KNOX/0.5.0.2.2/package/scripts/knox_gateway.py
@@ -203,67 +203,6 @@ class KnoxGatewayDefault(KnoxGateway):
File(params.ldap_pid_file,
action = "delete"
)
-
- def security_status(self, env):
- import status_params
- env.set_params(status_params)
-
- if status_params.security_enabled:
- expectations = {}
- expectations.update(build_expectations(
- 'krb5JAASLogin',
- None,
- ['keytab', 'principal'],
- None
- ))
- expectations.update(build_expectations(
- 'gateway-site',
- {
- "gateway.hadoop.kerberos.secured" : "true"
- },
- None,
- None
- ))
-
- security_params = {
- "krb5JAASLogin":
- {
- 'keytab': status_params.knox_keytab_path,
- 'principal': status_params.knox_principal_name
- }
- }
- security_params.update(get_params_from_filesystem(status_params.knox_conf_dir,
- {"gateway-site.xml" : FILE_TYPE_XML}))
-
- result_issues = validate_security_config_properties(security_params, expectations)
- if not result_issues: # If all validations passed successfully
- try:
- # Double check the dict before calling execute
- if ( 'krb5JAASLogin' not in security_params
- or 'keytab' not in security_params['krb5JAASLogin']
- or 'principal' not in security_params['krb5JAASLogin']):
- self.put_structured_out({"securityState": "UNSECURED"})
- self.put_structured_out({"securityIssuesFound": "Keytab file and principal are not set."})
- return
-
- cached_kinit_executor(status_params.kinit_path_local,
- status_params.knox_user,
- security_params['krb5JAASLogin']['keytab'],
- security_params['krb5JAASLogin']['principal'],
- status_params.hostname,
- status_params.temp_dir)
- self.put_structured_out({"securityState": "SECURED_KERBEROS"})
- except Exception as e:
- self.put_structured_out({"securityState": "ERROR"})
- self.put_structured_out({"securityStateErrorInfo": str(e)})
- else:
- issues = []
- for cf in result_issues:
- issues.append("Configuration file %s did not pass the validation. Reason: %s" % (cf, result_issues[cf]))
- self.put_structured_out({"securityIssuesFound": ". ".join(issues)})
- self.put_structured_out({"securityState": "UNSECURED"})
- else:
- self.put_structured_out({"securityState": "UNSECURED"})
def get_log_folder(self):
import params
http://git-wip-us.apache.org/repos/asf/ambari/blob/712b3d21/ambari-server/src/main/resources/common-services/OOZIE/4.0.0.2.0/package/scripts/oozie_server.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/OOZIE/4.0.0.2.0/package/scripts/oozie_server.py b/ambari-server/src/main/resources/common-services/OOZIE/4.0.0.2.0/package/scripts/oozie_server.py
index 4397fe2..2cf3313 100644
--- a/ambari-server/src/main/resources/common-services/OOZIE/4.0.0.2.0/package/scripts/oozie_server.py
+++ b/ambari-server/src/main/resources/common-services/OOZIE/4.0.0.2.0/package/scripts/oozie_server.py
@@ -105,69 +105,6 @@ class OozieServer(Script):
@OsFamilyImpl(os_family=OsFamilyImpl.DEFAULT)
class OozieServerDefault(OozieServer):
- def security_status(self, env):
- import status_params
- env.set_params(status_params)
-
- if status_params.security_enabled:
- expectations = {
- "oozie-site":
- build_expectations('oozie-site',
- {
- "oozie.authentication.type": "kerberos",
- "oozie.service.AuthorizationService.security.enabled": "true",
- "oozie.service.HadoopAccessorService.kerberos.enabled": "true"
- },
- [
- "local.realm",
- "oozie.authentication.kerberos.principal",
- "oozie.authentication.kerberos.keytab",
- "oozie.service.HadoopAccessorService.kerberos.principal",
- "oozie.service.HadoopAccessorService.keytab.file"
- ],
- None)
- }
-
- security_params = get_params_from_filesystem(status_params.conf_dir,
- {'oozie-site.xml': FILE_TYPE_XML})
- result_issues = validate_security_config_properties(security_params, expectations)
- if not result_issues: # If all validations passed successfully
- try:
- # Double check the dict before calling execute
- if ('oozie-site' not in security_params
- or 'oozie.authentication.kerberos.principal' not in security_params['oozie-site']
- or 'oozie.authentication.kerberos.keytab' not in security_params['oozie-site']
- or 'oozie.service.HadoopAccessorService.kerberos.principal' not in security_params['oozie-site']
- or 'oozie.service.HadoopAccessorService.keytab.file' not in security_params['oozie-site']):
- self.put_structured_out({"securityState": "UNSECURED"})
- self.put_structured_out({"securityIssuesFound": "Keytab file or principal are not set property."})
- return
-
- cached_kinit_executor(status_params.kinit_path_local,
- status_params.oozie_user,
- security_params['oozie-site']['oozie.authentication.kerberos.keytab'],
- security_params['oozie-site']['oozie.authentication.kerberos.principal'],
- status_params.hostname,
- status_params.tmp_dir)
- cached_kinit_executor(status_params.kinit_path_local,
- status_params.oozie_user,
- security_params['oozie-site']['oozie.service.HadoopAccessorService.keytab.file'],
- security_params['oozie-site']['oozie.service.HadoopAccessorService.kerberos.principal'],
- status_params.hostname,
- status_params.tmp_dir)
- self.put_structured_out({"securityState": "SECURED_KERBEROS"})
- except Exception as e:
- self.put_structured_out({"securityState": "ERROR"})
- self.put_structured_out({"securityStateErrorInfo": str(e)})
- else:
- issues = []
- for cf in result_issues:
- issues.append("Configuration file %s did not pass the validation. Reason: %s" % (cf, result_issues[cf]))
- self.put_structured_out({"securityIssuesFound": ". ".join(issues)})
- self.put_structured_out({"securityState": "UNSECURED"})
- else:
- self.put_structured_out({"securityState": "UNSECURED"})
-
def pre_upgrade_restart(self, env, upgrade_type=None):
"""
Performs the tasks that should be done before an upgrade of oozie. This includes:
http://git-wip-us.apache.org/repos/asf/ambari/blob/712b3d21/ambari-server/src/main/resources/common-services/STORM/0.9.1/package/scripts/drpc_server.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/STORM/0.9.1/package/scripts/drpc_server.py b/ambari-server/src/main/resources/common-services/STORM/0.9.1/package/scripts/drpc_server.py
index b156578..d0af415 100644
--- a/ambari-server/src/main/resources/common-services/STORM/0.9.1/package/scripts/drpc_server.py
+++ b/ambari-server/src/main/resources/common-services/STORM/0.9.1/package/scripts/drpc_server.py
@@ -74,58 +74,6 @@ class DrpcServer(Script):
import status_params
env.set_params(status_params)
check_process_status(status_params.pid_drpc)
-
- def security_status(self, env):
- import status_params
-
- env.set_params(status_params)
-
- if status_params.security_enabled:
- # Expect the following files to be available in status_params.config_dir:
- # storm_jaas.conf
-
- try:
- props_value_check = None
- props_empty_check = ['StormServer/keyTab', 'StormServer/principal']
- props_read_check = ['StormServer/keyTab']
- storm_env_expectations = build_expectations('storm_jaas', props_value_check, props_empty_check,
- props_read_check)
-
- storm_expectations = {}
- storm_expectations.update(storm_env_expectations)
-
- security_params = get_params_from_filesystem(status_params.conf_dir,
- {'storm_jaas.conf': FILE_TYPE_JAAS_CONF})
-
- result_issues = validate_security_config_properties(security_params, storm_expectations)
- if not result_issues: # If all validations passed successfully
- # Double check the dict before calling execute
- if ( 'storm_jaas' not in security_params
- or 'StormServer' not in security_params['storm_jaas']
- or 'keyTab' not in security_params['storm_jaas']['StormServer']
- or 'principal' not in security_params['storm_jaas']['StormServer']):
- self.put_structured_out({"securityState": "ERROR"})
- self.put_structured_out({"securityIssuesFound": "Keytab file or principal are not set property."})
- return
-
- cached_kinit_executor(status_params.kinit_path_local,
- status_params.storm_user,
- security_params['storm_jaas']['StormServer']['keyTab'],
- security_params['storm_jaas']['StormServer']['principal'],
- status_params.hostname,
- status_params.tmp_dir)
- self.put_structured_out({"securityState": "SECURED_KERBEROS"})
- else:
- issues = []
- for cf in result_issues:
- issues.append("Configuration file %s did not pass the validation. Reason: %s" % (cf, result_issues[cf]))
- self.put_structured_out({"securityIssuesFound": ". ".join(issues)})
- self.put_structured_out({"securityState": "UNSECURED"})
- except Exception as e:
- self.put_structured_out({"securityState": "ERROR"})
- self.put_structured_out({"securityStateErrorInfo": str(e)})
- else:
- self.put_structured_out({"securityState": "UNSECURED"})
def get_log_folder(self):
import params
http://git-wip-us.apache.org/repos/asf/ambari/blob/712b3d21/ambari-server/src/main/resources/common-services/STORM/0.9.1/package/scripts/nimbus.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/STORM/0.9.1/package/scripts/nimbus.py b/ambari-server/src/main/resources/common-services/STORM/0.9.1/package/scripts/nimbus.py
index b2148a5..a6bc437 100644
--- a/ambari-server/src/main/resources/common-services/STORM/0.9.1/package/scripts/nimbus.py
+++ b/ambari-server/src/main/resources/common-services/STORM/0.9.1/package/scripts/nimbus.py
@@ -82,51 +82,6 @@ class NimbusDefault(Nimbus):
env.set_params(status_params)
check_process_status(status_params.pid_nimbus)
-
- def security_status(self, env):
- import status_params
- env.set_params(status_params)
- if status_params.security_enabled:
- # Expect the following files to be available in status_params.config_dir:
- # storm_jaas.conf
- try:
- props_value_check = None
- props_empty_check = ['StormServer/keyTab', 'StormServer/principal']
- props_read_check = ['StormServer/keyTab']
- storm_env_expectations = build_expectations('storm_jaas', props_value_check, props_empty_check, props_read_check)
- storm_expectations = {}
- storm_expectations.update(storm_env_expectations)
- security_params = get_params_from_filesystem(status_params.conf_dir, {'storm_jaas.conf': FILE_TYPE_JAAS_CONF})
- result_issues = validate_security_config_properties(security_params, storm_expectations)
- if not result_issues: # If all validations passed successfully
- # Double check the dict before calling execute
- if ( 'storm_jaas' not in security_params
- or 'StormServer' not in security_params['storm_jaas']
- or 'keyTab' not in security_params['storm_jaas']['StormServer']
- or 'principal' not in security_params['storm_jaas']['StormServer']):
- self.put_structured_out({"securityState": "ERROR"})
- self.put_structured_out({"securityIssuesFound": "Keytab file or principal are not set property."})
- return
-
- cached_kinit_executor(status_params.kinit_path_local,
- status_params.storm_user,
- security_params['storm_jaas']['StormServer']['keyTab'],
- security_params['storm_jaas']['StormServer']['principal'],
- status_params.hostname,
- status_params.tmp_dir)
- self.put_structured_out({"securityState": "SECURED_KERBEROS"})
- else:
- issues = []
- for cf in result_issues:
- issues.append("Configuration file %s did not pass the validation. Reason: %s" % (cf, result_issues[cf]))
- self.put_structured_out({"securityIssuesFound": ". ".join(issues)})
- self.put_structured_out({"securityState": "UNSECURED"})
- except Exception as e:
- self.put_structured_out({"securityState": "ERROR"})
- self.put_structured_out({"securityStateErrorInfo": str(e)})
- else:
- self.put_structured_out({"securityState": "UNSECURED"})
-
def get_log_folder(self):
import params
return params.log_dir
http://git-wip-us.apache.org/repos/asf/ambari/blob/712b3d21/ambari-server/src/main/resources/common-services/STORM/0.9.1/package/scripts/pacemaker.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/STORM/0.9.1/package/scripts/pacemaker.py b/ambari-server/src/main/resources/common-services/STORM/0.9.1/package/scripts/pacemaker.py
index 2ea02e8..6da204e 100644
--- a/ambari-server/src/main/resources/common-services/STORM/0.9.1/package/scripts/pacemaker.py
+++ b/ambari-server/src/main/resources/common-services/STORM/0.9.1/package/scripts/pacemaker.py
@@ -74,58 +74,6 @@ class PaceMaker(Script):
env.set_params(status_params)
check_process_status(status_params.pid_pacemaker)
- def security_status(self, env):
- import status_params
-
- env.set_params(status_params)
-
- if status_params.security_enabled:
- # Expect the following files to be available in status_params.config_dir:
- # storm_jaas.conf
-
- try:
- props_value_check = None
- props_empty_check = ['StormServer/keyTab', 'StormServer/principal']
- props_read_check = ['StormServer/keyTab']
- storm_env_expectations = build_expectations('storm_jaas', props_value_check, props_empty_check,
- props_read_check)
-
- storm_expectations = {}
- storm_expectations.update(storm_env_expectations)
-
- security_params = get_params_from_filesystem(status_params.conf_dir,
- {'storm_jaas.conf': FILE_TYPE_JAAS_CONF})
-
- result_issues = validate_security_config_properties(security_params, storm_expectations)
- if not result_issues: # If all validations passed successfully
- # Double check the dict before calling execute
- if ( 'storm_jaas' not in security_params
- or 'StormServer' not in security_params['storm_jaas']
- or 'keyTab' not in security_params['storm_jaas']['StormServer']
- or 'principal' not in security_params['storm_jaas']['StormServer']):
- self.put_structured_out({"securityState": "ERROR"})
- self.put_structured_out({"securityIssuesFound": "Keytab file or principal are not set property."})
- return
-
- cached_kinit_executor(status_params.kinit_path_local,
- status_params.storm_user,
- security_params['storm_jaas']['StormServer']['keyTab'],
- security_params['storm_jaas']['StormServer']['principal'],
- status_params.hostname,
- status_params.tmp_dir)
- self.put_structured_out({"securityState": "SECURED_KERBEROS"})
- else:
- issues = []
- for cf in result_issues:
- issues.append("Configuration file %s did not pass the validation. Reason: %s" % (cf, result_issues[cf]))
- self.put_structured_out({"securityIssuesFound": ". ".join(issues)})
- self.put_structured_out({"securityState": "UNSECURED"})
- except Exception as e:
- self.put_structured_out({"securityState": "ERROR"})
- self.put_structured_out({"securityStateErrorInfo": str(e)})
- else:
- self.put_structured_out({"securityState": "UNSECURED"})
-
def get_log_folder(self):
import params
return params.log_dir
http://git-wip-us.apache.org/repos/asf/ambari/blob/712b3d21/ambari-server/src/main/resources/common-services/STORM/0.9.1/package/scripts/ui_server.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/STORM/0.9.1/package/scripts/ui_server.py b/ambari-server/src/main/resources/common-services/STORM/0.9.1/package/scripts/ui_server.py
index 63d5731..5d0c303 100644
--- a/ambari-server/src/main/resources/common-services/STORM/0.9.1/package/scripts/ui_server.py
+++ b/ambari-server/src/main/resources/common-services/STORM/0.9.1/package/scripts/ui_server.py
@@ -120,59 +120,6 @@ class UiServerDefault(UiServer):
import status_params
env.set_params(status_params)
check_process_status(status_params.pid_ui)
-
- def security_status(self, env):
- import status_params
-
- env.set_params(status_params)
-
- if status_params.security_enabled:
- # Expect the following files to be available in status_params.config_dir:
- # storm_jaas.conf
-
- try:
- props_value_check = None
- props_empty_check = ['storm_ui_principal_name', 'storm_ui_keytab']
- props_read_check = ['storm_ui_keytab']
- storm_env_expectations = build_expectations('storm_ui', props_value_check, props_empty_check,
- props_read_check)
-
- storm_expectations = {}
- storm_expectations.update(storm_env_expectations)
-
- security_params = {}
- security_params['storm_ui'] = {}
- security_params['storm_ui']['storm_ui_principal_name'] = status_params.storm_ui_principal
- security_params['storm_ui']['storm_ui_keytab'] = status_params.storm_ui_keytab
-
- result_issues = validate_security_config_properties(security_params, storm_expectations)
- if not result_issues: # If all validations passed successfully
- # Double check the dict before calling execute
- if ( 'storm_ui' not in security_params
- or 'storm_ui_principal_name' not in security_params['storm_ui']
- or 'storm_ui_keytab' not in security_params['storm_ui']):
- self.put_structured_out({"securityState": "ERROR"})
- self.put_structured_out({"securityIssuesFound": "Keytab file or principal are not set property."})
- return
-
- cached_kinit_executor(status_params.kinit_path_local,
- status_params.storm_user,
- security_params['storm_ui']['storm_ui_keytab'],
- security_params['storm_ui']['storm_ui_principal_name'],
- status_params.hostname,
- status_params.tmp_dir)
- self.put_structured_out({"securityState": "SECURED_KERBEROS"})
- else:
- issues = []
- for cf in result_issues:
- issues.append("Configuration file %s did not pass the validation. Reason: %s" % (cf, result_issues[cf]))
- self.put_structured_out({"securityIssuesFound": ". ".join(issues)})
- self.put_structured_out({"securityState": "UNSECURED"})
- except Exception as e:
- self.put_structured_out({"securityState": "ERROR"})
- self.put_structured_out({"securityStateErrorInfo": str(e)})
- else:
- self.put_structured_out({"securityState": "UNSECURED"})
def get_log_folder(self):
import params
http://git-wip-us.apache.org/repos/asf/ambari/blob/712b3d21/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/application_timeline_server.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/application_timeline_server.py b/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/application_timeline_server.py
index 4ec6aa7..a299e25 100644
--- a/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/application_timeline_server.py
+++ b/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/application_timeline_server.py
@@ -82,67 +82,6 @@ class ApplicationTimelineServerDefault(ApplicationTimelineServer):
only_if = format("test -e {yarn_historyserver_pid_file_old}", user=status_params.yarn_user))
functions.check_process_status(status_params.yarn_historyserver_pid_file)
- def security_status(self, env):
- import status_params
- env.set_params(status_params)
- if status_params.security_enabled:
- props_value_check = {"yarn.timeline-service.enabled": "true",
- "yarn.timeline-service.http-authentication.type": "kerberos",
- "yarn.acl.enable": "true"}
- props_empty_check = ["yarn.timeline-service.principal",
- "yarn.timeline-service.keytab",
- "yarn.timeline-service.http-authentication.kerberos.principal",
- "yarn.timeline-service.http-authentication.kerberos.keytab"]
-
- props_read_check = ["yarn.timeline-service.keytab",
- "yarn.timeline-service.http-authentication.kerberos.keytab"]
- yarn_site_props = build_expectations('yarn-site', props_value_check, props_empty_check,
- props_read_check)
-
- yarn_expectations ={}
- yarn_expectations.update(yarn_site_props)
-
- security_params = get_params_from_filesystem(status_params.hadoop_conf_dir,
- {'yarn-site.xml': FILE_TYPE_XML})
- result_issues = validate_security_config_properties(security_params, yarn_expectations)
- if not result_issues: # If all validations passed successfully
- try:
- # Double check the dict before calling execute
- if ( 'yarn-site' not in security_params
- or 'yarn.timeline-service.keytab' not in security_params['yarn-site']
- or 'yarn.timeline-service.principal' not in security_params['yarn-site']) \
- or 'yarn.timeline-service.http-authentication.kerberos.keytab' not in security_params['yarn-site'] \
- or 'yarn.timeline-service.http-authentication.kerberos.principal' not in security_params['yarn-site']:
- self.put_structured_out({"securityState": "UNSECURED"})
- self.put_structured_out(
- {"securityIssuesFound": "Keytab file or principal are not set property."})
- return
-
- cached_kinit_executor(status_params.kinit_path_local,
- status_params.yarn_user,
- security_params['yarn-site']['yarn.timeline-service.keytab'],
- security_params['yarn-site']['yarn.timeline-service.principal'],
- status_params.hostname,
- status_params.tmp_dir)
- cached_kinit_executor(status_params.kinit_path_local,
- status_params.yarn_user,
- security_params['yarn-site']['yarn.timeline-service.http-authentication.kerberos.keytab'],
- security_params['yarn-site']['yarn.timeline-service.http-authentication.kerberos.principal'],
- status_params.hostname,
- status_params.tmp_dir)
- self.put_structured_out({"securityState": "SECURED_KERBEROS"})
- except Exception as e:
- self.put_structured_out({"securityState": "ERROR"})
- self.put_structured_out({"securityStateErrorInfo": str(e)})
- else:
- issues = []
- for cf in result_issues:
- issues.append("Configuration file %s did not pass the validation. Reason: %s" % (cf, result_issues[cf]))
- self.put_structured_out({"securityIssuesFound": ". ".join(issues)})
- self.put_structured_out({"securityState": "UNSECURED"})
- else:
- self.put_structured_out({"securityState": "UNSECURED"})
-
def get_log_folder(self):
import params
return params.yarn_log_dir
http://git-wip-us.apache.org/repos/asf/ambari/blob/712b3d21/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/historyserver.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/historyserver.py b/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/historyserver.py
index 0edb0b0..7405a4e 100644
--- a/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/historyserver.py
+++ b/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/historyserver.py
@@ -122,62 +122,6 @@ class HistoryServerDefault(HistoryServer):
env.set_params(status_params)
check_process_status(status_params.mapred_historyserver_pid_file)
- def security_status(self, env):
- import status_params
- env.set_params(status_params)
- if status_params.security_enabled:
- expectations = {}
- expectations.update(build_expectations('mapred-site',
- None,
- [
- 'mapreduce.jobhistory.keytab',
- 'mapreduce.jobhistory.principal',
- 'mapreduce.jobhistory.webapp.spnego-keytab-file',
- 'mapreduce.jobhistory.webapp.spnego-principal'
- ],
- None))
-
- security_params = get_params_from_filesystem(status_params.hadoop_conf_dir,
- {'mapred-site.xml': FILE_TYPE_XML})
- result_issues = validate_security_config_properties(security_params, expectations)
- if not result_issues: # If all validations passed successfully
- try:
- # Double check the dict before calling execute
- if ( 'mapred-site' not in security_params or
- 'mapreduce.jobhistory.keytab' not in security_params['mapred-site'] or
- 'mapreduce.jobhistory.principal' not in security_params['mapred-site'] or
- 'mapreduce.jobhistory.webapp.spnego-keytab-file' not in security_params['mapred-site'] or
- 'mapreduce.jobhistory.webapp.spnego-principal' not in security_params['mapred-site']):
- self.put_structured_out({"securityState": "UNSECURED"})
- self.put_structured_out(
- {"securityIssuesFound": "Keytab file or principal not set."})
- return
-
- cached_kinit_executor(status_params.kinit_path_local,
- status_params.mapred_user,
- security_params['mapred-site']['mapreduce.jobhistory.keytab'],
- security_params['mapred-site']['mapreduce.jobhistory.principal'],
- status_params.hostname,
- status_params.tmp_dir)
- cached_kinit_executor(status_params.kinit_path_local,
- status_params.mapred_user,
- security_params['mapred-site']['mapreduce.jobhistory.webapp.spnego-keytab-file'],
- security_params['mapred-site']['mapreduce.jobhistory.webapp.spnego-principal'],
- status_params.hostname,
- status_params.tmp_dir)
- self.put_structured_out({"securityState": "SECURED_KERBEROS"})
- except Exception as e:
- self.put_structured_out({"securityState": "ERROR"})
- self.put_structured_out({"securityStateErrorInfo": str(e)})
- else:
- issues = []
- for cf in result_issues:
- issues.append("Configuration file %s did not pass the validation. Reason: %s" % (cf, result_issues[cf]))
- self.put_structured_out({"securityIssuesFound": ". ".join(issues)})
- self.put_structured_out({"securityState": "UNSECURED"})
- else:
- self.put_structured_out({"securityState": "UNSECURED"})
-
def get_log_folder(self):
import params
return params.mapred_log_dir
http://git-wip-us.apache.org/repos/asf/ambari/blob/712b3d21/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/nodemanager.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/nodemanager.py b/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/nodemanager.py
index b235cad..7be7c36 100644
--- a/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/nodemanager.py
+++ b/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/nodemanager.py
@@ -89,66 +89,6 @@ class NodemanagerDefault(Nodemanager):
env.set_params(status_params)
check_process_status(status_params.nodemanager_pid_file)
- def security_status(self, env):
- import status_params
- env.set_params(status_params)
- if status_params.security_enabled:
- props_value_check = {"yarn.timeline-service.http-authentication.type": "kerberos",
- "yarn.acl.enable": "true"}
- props_empty_check = ["yarn.nodemanager.principal",
- "yarn.nodemanager.keytab",
- "yarn.nodemanager.webapp.spnego-principal",
- "yarn.nodemanager.webapp.spnego-keytab-file"]
-
- props_read_check = ["yarn.nodemanager.keytab",
- "yarn.nodemanager.webapp.spnego-keytab-file"]
- yarn_site_props = build_expectations('yarn-site', props_value_check, props_empty_check,
- props_read_check)
-
- yarn_expectations ={}
- yarn_expectations.update(yarn_site_props)
-
- security_params = get_params_from_filesystem(status_params.hadoop_conf_dir,
- {'yarn-site.xml': FILE_TYPE_XML})
- result_issues = validate_security_config_properties(security_params, yarn_site_props)
- if not result_issues: # If all validations passed successfully
- try:
- # Double check the dict before calling execute
- if ( 'yarn-site' not in security_params
- or 'yarn.nodemanager.keytab' not in security_params['yarn-site']
- or 'yarn.nodemanager.principal' not in security_params['yarn-site']) \
- or 'yarn.nodemanager.webapp.spnego-keytab-file' not in security_params['yarn-site'] \
- or 'yarn.nodemanager.webapp.spnego-principal' not in security_params['yarn-site']:
- self.put_structured_out({"securityState": "UNSECURED"})
- self.put_structured_out(
- {"securityIssuesFound": "Keytab file or principal are not set property."})
- return
-
- cached_kinit_executor(status_params.kinit_path_local,
- status_params.yarn_user,
- security_params['yarn-site']['yarn.nodemanager.keytab'],
- security_params['yarn-site']['yarn.nodemanager.principal'],
- status_params.hostname,
- status_params.tmp_dir)
- cached_kinit_executor(status_params.kinit_path_local,
- status_params.yarn_user,
- security_params['yarn-site']['yarn.nodemanager.webapp.spnego-keytab-file'],
- security_params['yarn-site']['yarn.nodemanager.webapp.spnego-principal'],
- status_params.hostname,
- status_params.tmp_dir)
- self.put_structured_out({"securityState": "SECURED_KERBEROS"})
- except Exception as e:
- self.put_structured_out({"securityState": "ERROR"})
- self.put_structured_out({"securityStateErrorInfo": str(e)})
- else:
- issues = []
- for cf in result_issues:
- issues.append("Configuration file %s did not pass the validation. Reason: %s" % (cf, result_issues[cf]))
- self.put_structured_out({"securityIssuesFound": ". ".join(issues)})
- self.put_structured_out({"securityState": "UNSECURED"})
- else:
- self.put_structured_out({"securityState": "UNSECURED"})
-
def get_log_folder(self):
import params
return params.yarn_log_dir
http://git-wip-us.apache.org/repos/asf/ambari/blob/712b3d21/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/resourcemanager.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/resourcemanager.py b/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/resourcemanager.py
index 5522fbc..8cc2d1d 100644
--- a/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/resourcemanager.py
+++ b/ambari-server/src/main/resources/common-services/YARN/2.1.0.2.0/package/scripts/resourcemanager.py
@@ -132,66 +132,6 @@ class ResourcemanagerDefault(Resourcemanager):
check_process_status(status_params.resourcemanager_pid_file)
pass
- def security_status(self, env):
- import status_params
- env.set_params(status_params)
- if status_params.security_enabled:
- props_value_check = {"yarn.timeline-service.http-authentication.type": "kerberos",
- "yarn.acl.enable": "true"}
- props_empty_check = ["yarn.resourcemanager.principal",
- "yarn.resourcemanager.keytab",
- "yarn.resourcemanager.webapp.spnego-principal",
- "yarn.resourcemanager.webapp.spnego-keytab-file"]
-
- props_read_check = ["yarn.resourcemanager.keytab",
- "yarn.resourcemanager.webapp.spnego-keytab-file"]
- yarn_site_props = build_expectations('yarn-site', props_value_check, props_empty_check,
- props_read_check)
-
- yarn_expectations ={}
- yarn_expectations.update(yarn_site_props)
-
- security_params = get_params_from_filesystem(status_params.hadoop_conf_dir,
- {'yarn-site.xml': FILE_TYPE_XML})
- result_issues = validate_security_config_properties(security_params, yarn_site_props)
- if not result_issues: # If all validations passed successfully
- try:
- # Double check the dict before calling execute
- if ( 'yarn-site' not in security_params
- or 'yarn.resourcemanager.keytab' not in security_params['yarn-site']
- or 'yarn.resourcemanager.principal' not in security_params['yarn-site']) \
- or 'yarn.resourcemanager.webapp.spnego-keytab-file' not in security_params['yarn-site'] \
- or 'yarn.resourcemanager.webapp.spnego-principal' not in security_params['yarn-site']:
- self.put_structured_out({"securityState": "UNSECURED"})
- self.put_structured_out(
- {"securityIssuesFound": "Keytab file or principal are not set property."})
- return
-
- cached_kinit_executor(status_params.kinit_path_local,
- status_params.yarn_user,
- security_params['yarn-site']['yarn.resourcemanager.keytab'],
- security_params['yarn-site']['yarn.resourcemanager.principal'],
- status_params.hostname,
- status_params.tmp_dir)
- cached_kinit_executor(status_params.kinit_path_local,
- status_params.yarn_user,
- security_params['yarn-site']['yarn.resourcemanager.webapp.spnego-keytab-file'],
- security_params['yarn-site']['yarn.resourcemanager.webapp.spnego-principal'],
- status_params.hostname,
- status_params.tmp_dir)
- self.put_structured_out({"securityState": "SECURED_KERBEROS"})
- except Exception as e:
- self.put_structured_out({"securityState": "ERROR"})
- self.put_structured_out({"securityStateErrorInfo": str(e)})
- else:
- issues = []
- for cf in result_issues:
- issues.append("Configuration file %s did not pass the validation. Reason: %s" % (cf, result_issues[cf]))
- self.put_structured_out({"securityIssuesFound": ". ".join(issues)})
- self.put_structured_out({"securityState": "UNSECURED"})
- else:
- self.put_structured_out({"securityState": "UNSECURED"})
-
def refreshqueues(self, env):
import params
http://git-wip-us.apache.org/repos/asf/ambari/blob/712b3d21/ambari-server/src/main/resources/common-services/ZOOKEEPER/3.4.5/package/scripts/zookeeper_server.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/common-services/ZOOKEEPER/3.4.5/package/scripts/zookeeper_server.py b/ambari-server/src/main/resources/common-services/ZOOKEEPER/3.4.5/package/scripts/zookeeper_server.py
index 07dbabe..0af0345 100644
--- a/ambari-server/src/main/resources/common-services/ZOOKEEPER/3.4.5/package/scripts/zookeeper_server.py
+++ b/ambari-server/src/main/resources/common-services/ZOOKEEPER/3.4.5/package/scripts/zookeeper_server.py
@@ -111,57 +111,6 @@ class ZookeeperServerLinux(ZookeeperServer):
import status_params
env.set_params(status_params)
check_process_status(status_params.zk_pid_file)
-
- def security_status(self, env):
- import status_params
- env.set_params(status_params)
-
- if status_params.security_enabled:
- # Expect the following files to be available in params.config_dir:
- # zookeeper_jaas.conf
- # zookeeper_client_jaas.conf
- try:
- props_value_check = None
- props_empty_check = ['Server/keyTab', 'Server/principal']
- props_read_check = ['Server/keyTab']
- zk_env_expectations = build_expectations('zookeeper_jaas', props_value_check, props_empty_check,
- props_read_check)
-
- zk_expectations = {}
- zk_expectations.update(zk_env_expectations)
-
- security_params = get_params_from_filesystem(status_params.config_dir,
- {'zookeeper_jaas.conf': FILE_TYPE_JAAS_CONF})
-
- result_issues = validate_security_config_properties(security_params, zk_expectations)
- if not result_issues: # If all validations passed successfully
- # Double check the dict before calling execute
- if ( 'zookeeper_jaas' not in security_params
- or 'Server' not in security_params['zookeeper_jaas']
- or 'keyTab' not in security_params['zookeeper_jaas']['Server']
- or 'principal' not in security_params['zookeeper_jaas']['Server']):
- self.put_structured_out({"securityState": "ERROR"})
- self.put_structured_out({"securityIssuesFound": "Keytab file or principal are not set property."})
- return
-
- cached_kinit_executor(status_params.kinit_path_local,
- status_params.zk_user,
- security_params['zookeeper_jaas']['Server']['keyTab'],
- security_params['zookeeper_jaas']['Server']['principal'],
- status_params.hostname,
- status_params.tmp_dir)
- self.put_structured_out({"securityState": "SECURED_KERBEROS"})
- else:
- issues = []
- for cf in result_issues:
- issues.append("Configuration file %s did not pass the validation. Reason: %s" % (cf, result_issues[cf]))
- self.put_structured_out({"securityIssuesFound": ". ".join(issues)})
- self.put_structured_out({"securityState": "UNSECURED"})
- except Exception as e:
- self.put_structured_out({"securityState": "ERROR"})
- self.put_structured_out({"securityStateErrorInfo": str(e)})
- else:
- self.put_structured_out({"securityState": "UNSECURED"})
def get_log_folder(self):
import params
http://git-wip-us.apache.org/repos/asf/ambari/blob/712b3d21/ambari-server/src/main/resources/stacks/PERF/1.0/services/KERBEROS/package/scripts/kerberos_client.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/resources/stacks/PERF/1.0/services/KERBEROS/package/scripts/kerberos_client.py b/ambari-server/src/main/resources/stacks/PERF/1.0/services/KERBEROS/package/scripts/kerberos_client.py
index 1298f1e..b2cdaa6 100644
--- a/ambari-server/src/main/resources/stacks/PERF/1.0/services/KERBEROS/package/scripts/kerberos_client.py
+++ b/ambari-server/src/main/resources/stacks/PERF/1.0/services/KERBEROS/package/scripts/kerberos_client.py
@@ -43,27 +43,6 @@ class KerberosClient(KerberosScript):
def status(self, env):
raise ClientComponentHasNoStatus()
- def security_status(self, env):
- import status_params
- if status_params.security_enabled:
- if status_params.smoke_user and status_params.smoke_user_keytab:
- try:
- cached_kinit_executor(status_params.kinit_path_local,
- status_params.smoke_user,
- status_params.smoke_user_keytab,
- status_params.smoke_user_principal,
- status_params.hostname,
- status_params.tmp_dir)
- self.put_structured_out({"securityState": "SECURED_KERBEROS"})
- except Exception as e:
- self.put_structured_out({"securityState": "ERROR"})
- self.put_structured_out({"securityStateErrorInfo": str(e)})
- else:
- self.put_structured_out({"securityState": "UNKNOWN"})
- self.put_structured_out({"securityStateErrorInfo": "Missing smoke user credentials"})
- else:
- self.put_structured_out({"securityState": "UNSECURED"})
-
def set_keytab(self, env):
self.write_keytab_file()
http://git-wip-us.apache.org/repos/asf/ambari/blob/712b3d21/ambari-server/src/test/java/org/apache/ambari/server/agent/HeartbeatProcessorTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/agent/HeartbeatProcessorTest.java b/ambari-server/src/test/java/org/apache/ambari/server/agent/HeartbeatProcessorTest.java
index 986b472..fd94606 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/agent/HeartbeatProcessorTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/agent/HeartbeatProcessorTest.java
@@ -496,7 +496,6 @@ public class HeartbeatProcessorTest {
componentStatus1.setServiceName(HDFS);
componentStatus1.setMessage(DummyHostStatus);
componentStatus1.setStatus(State.STARTED.name());
- componentStatus1.setSecurityState(SecurityState.SECURED_KERBEROS.name());
componentStatus1.setComponentName(DATANODE);
componentStatuses.add(componentStatus1);
ComponentStatus componentStatus2 = new ComponentStatus();
@@ -504,7 +503,6 @@ public class HeartbeatProcessorTest {
componentStatus2.setServiceName(HDFS);
componentStatus2.setMessage(DummyHostStatus);
componentStatus2.setStatus(State.STARTED.name());
- componentStatus2.setSecurityState(SecurityState.UNSECURED.name());
componentStatus2.setComponentName(SECONDARY_NAMENODE);
componentStatuses.add(componentStatus2);
hb.setComponentStatus(componentStatuses);
@@ -526,9 +524,7 @@ public class HeartbeatProcessorTest {
State componentState1 = serviceComponentHost1.getState();
State componentState2 = serviceComponentHost2.getState();
State componentState3 = serviceComponentHost3.getState();
- assertEquals(State.STARTED, componentState1);
- assertEquals(SecurityState.SECURED_KERBEROS, serviceComponentHost1.getSecurityState());
- assertEquals(State.INSTALLED, componentState2);
+ assertEquals(State.STARTED, componentState1);assertEquals(State.INSTALLED, componentState2);
assertEquals(SecurityState.SECURING, serviceComponentHost2.getSecurityState());
//starting state will not be overridden by status command
assertEquals(State.STARTING, componentState3);
@@ -838,7 +834,6 @@ public class HeartbeatProcessorTest {
componentStatus1.setServiceName(HDFS);
componentStatus1.setMessage(DummyHostStatus);
componentStatus1.setStatus(State.STARTED.name());
- componentStatus1.setSecurityState(SecurityState.UNSECURED.name());
componentStatus1.setComponentName(DATANODE);
componentStatus1.setExtra(extra);
@@ -874,7 +869,6 @@ public class HeartbeatProcessorTest {
componentStatus1.setServiceName(HDFS);
componentStatus1.setMessage(DummyHostStatus);
componentStatus1.setStatus(State.STARTED.name());
- componentStatus1.setSecurityState(SecurityState.UNSECURED.name());
componentStatus1.setComponentName(DATANODE);
hb.setComponentStatus(Collections.singletonList(componentStatus1));
@@ -1329,7 +1323,6 @@ public class HeartbeatProcessorTest {
componentStatus1.setServiceName(HDFS);
componentStatus1.setMessage(DummyHostStatus);
componentStatus1.setStatus(State.INSTALLED.name());
- componentStatus1.setSecurityState(SecurityState.UNSECURED.name());
componentStatus1.setComponentName(DATANODE);
componentStatuses.add(componentStatus1);
@@ -1338,7 +1331,6 @@ public class HeartbeatProcessorTest {
componentStatus2.setServiceName(HDFS);
componentStatus2.setMessage(DummyHostStatus);
componentStatus2.setStatus(State.INSTALLED.name());
- componentStatus2.setSecurityState(SecurityState.UNSECURED.name());
componentStatus2.setComponentName(NAMENODE);
componentStatuses.add(componentStatus2);
http://git-wip-us.apache.org/repos/asf/ambari/blob/712b3d21/ambari-server/src/test/java/org/apache/ambari/server/agent/TestHeartbeatHandler.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/agent/TestHeartbeatHandler.java b/ambari-server/src/test/java/org/apache/ambari/server/agent/TestHeartbeatHandler.java
index 99aa994..ce83a5a 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/agent/TestHeartbeatHandler.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/agent/TestHeartbeatHandler.java
@@ -317,7 +317,6 @@ public class TestHeartbeatHandler {
componentStatus1.setServiceName(HDFS);
componentStatus1.setMessage(DummyHostStatus);
componentStatus1.setStatus(State.STARTED.name());
- componentStatus1.setSecurityState(SecurityState.UNSECURED.name());
componentStatus1.setComponentName(DATANODE);
componentStatuses.add(componentStatus1);
@@ -326,7 +325,6 @@ public class TestHeartbeatHandler {
componentStatus2.setServiceName(HDFS);
componentStatus2.setMessage(DummyHostStatus);
componentStatus2.setStatus(State.INSTALLED.name());
- componentStatus2.setSecurityState(SecurityState.UNSECURED.name());
componentStatus2.setComponentName(NAMENODE);
componentStatuses.add(componentStatus2);
@@ -1131,14 +1129,12 @@ public class TestHeartbeatHandler {
dataNodeStatus.setServiceName(HDFS);
dataNodeStatus.setComponentName(DATANODE);
dataNodeStatus.setStatus("STARTED");
- dataNodeStatus.setSecurityState(SecurityState.UNSECURED.name());
componentStatus.add(dataNodeStatus);
ComponentStatus nameNodeStatus = new ComponentStatus();
nameNodeStatus.setClusterName(cluster.getClusterName());
nameNodeStatus.setServiceName(HDFS);
nameNodeStatus.setComponentName(NAMENODE);
nameNodeStatus.setStatus("STARTED");
- nameNodeStatus.setSecurityState(SecurityState.UNSECURED.name());
componentStatus.add(nameNodeStatus);
hb1.setComponentStatus(componentStatus);
handler.handleHeartBeat(hb1);
@@ -1156,14 +1152,12 @@ public class TestHeartbeatHandler {
dataNodeStatus.setServiceName(HDFS);
dataNodeStatus.setComponentName(DATANODE);
dataNodeStatus.setStatus("INSTALLED");
- dataNodeStatus.setSecurityState(SecurityState.UNSECURED.name());
componentStatus.add(dataNodeStatus);
nameNodeStatus = new ComponentStatus();
nameNodeStatus.setClusterName(cluster.getClusterName());
nameNodeStatus.setServiceName(HDFS);
nameNodeStatus.setComponentName(NAMENODE);
nameNodeStatus.setStatus("STARTED");
- nameNodeStatus.setSecurityState(SecurityState.UNSECURED.name());
componentStatus.add(nameNodeStatus);
hb2.setComponentStatus(componentStatus);
handler.handleHeartBeat(hb2);
@@ -1183,14 +1177,12 @@ public class TestHeartbeatHandler {
dataNodeStatus.setServiceName(HDFS);
dataNodeStatus.setComponentName(DATANODE);
dataNodeStatus.setStatus("INSTALLED");
- dataNodeStatus.setSecurityState(SecurityState.UNSECURED.name());
componentStatus.add(dataNodeStatus);
nameNodeStatus = new ComponentStatus();
nameNodeStatus.setClusterName(cluster.getClusterName());
nameNodeStatus.setServiceName(HDFS);
nameNodeStatus.setComponentName(NAMENODE);
nameNodeStatus.setStatus("STARTED");
- nameNodeStatus.setSecurityState(SecurityState.UNSECURED.name());
componentStatus.add(nameNodeStatus);
hb2a.setComponentStatus(componentStatus);
handler.handleHeartBeat(hb2a);
@@ -1211,14 +1203,12 @@ public class TestHeartbeatHandler {
dataNodeStatus.setServiceName(HDFS);
dataNodeStatus.setComponentName(DATANODE);
dataNodeStatus.setStatus("INSTALLED");
- dataNodeStatus.setSecurityState(SecurityState.UNSECURED.name());
componentStatus.add(dataNodeStatus);
nameNodeStatus = new ComponentStatus();
nameNodeStatus.setClusterName(cluster.getClusterName());
nameNodeStatus.setServiceName(HDFS);
nameNodeStatus.setComponentName(NAMENODE);
nameNodeStatus.setStatus("INSTALLED");
- nameNodeStatus.setSecurityState(SecurityState.UNSECURED.name());
componentStatus.add(nameNodeStatus);
hb3.setComponentStatus(componentStatus);
handler.handleHeartBeat(hb3);
@@ -1250,7 +1240,6 @@ public class TestHeartbeatHandler {
dataNodeStatus.setServiceName(HDFS);
dataNodeStatus.setComponentName(DATANODE);
dataNodeStatus.setStatus("STARTED");
- dataNodeStatus.setSecurityState(SecurityState.UNSECURED.name());
componentStatus.add(dataNodeStatus);
hb4.setComponentStatus(componentStatus);
handler.handleHeartBeat(hb4);
@@ -1408,7 +1397,6 @@ public class TestHeartbeatHandler {
componentStatus1.setServiceName(serviceName);
componentStatus1.setMessage(message);
componentStatus1.setStatus(state.name());
- componentStatus1.setSecurityState(securityState.name());
componentStatus1.setComponentName(componentName);
componentStatus1.setStackVersion(stackVersion);
return componentStatus1;
@@ -1437,7 +1425,6 @@ public class TestHeartbeatHandler {
componentStatus1.setServiceName(HDFS);
componentStatus1.setMessage(DummyHostStatus);
componentStatus1.setStatus(State.STARTED.name());
- componentStatus1.setSecurityState(SecurityState.UNSECURED.name());
componentStatus1.setComponentName(DATANODE);
componentStatuses.add(componentStatus1);
http://git-wip-us.apache.org/repos/asf/ambari/blob/712b3d21/ambari-server/src/test/python/stacks/2.0.6/HBASE/test_hbase_master.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.0.6/HBASE/test_hbase_master.py b/ambari-server/src/test/python/stacks/2.0.6/HBASE/test_hbase_master.py
index 42bc989..fda63e0 100644
--- a/ambari-server/src/test/python/stacks/2.0.6/HBASE/test_hbase_master.py
+++ b/ambari-server/src/test/python/stacks/2.0.6/HBASE/test_hbase_master.py
@@ -712,108 +712,6 @@ class TestHBaseMaster(RMFTestCase):
self.assertNoMoreResources()
- @patch("resource_management.libraries.functions.security_commons.build_expectations")
- @patch("resource_management.libraries.functions.security_commons.get_params_from_filesystem")
- @patch("resource_management.libraries.functions.security_commons.validate_security_config_properties")
- @patch("resource_management.libraries.functions.security_commons.cached_kinit_executor")
- @patch("resource_management.libraries.script.Script.put_structured_out")
- def test_security_status(self, put_structured_out_mock, cached_kinit_executor_mock, validate_security_config_mock, get_params_mock, build_exp_mock):
- # Test that function works when is called with correct parameters
-
- security_params = {
- 'hbase-site': {
- 'hbase.master.kerberos.principal': '/path/to/hbase_keytab',
- 'hbase.master.keytab.file': 'hbase_principal'
- }
- }
-
- result_issues = []
- props_value_check = {"hbase.security.authentication": "kerberos",
- "hbase.security.authorization": "true"}
- props_empty_check = ["hbase.master.keytab.file",
- "hbase.master.kerberos.principal"]
-
- props_read_check = ["hbase.master.keytab.file"]
-
- get_params_mock.return_value = security_params
- validate_security_config_mock.return_value = result_issues
-
- self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hbase_master.py",
- classname = "HbaseMaster",
- command = "security_status",
- config_file="secured.json",
- stack_version = self.STACK_VERSION,
- target = RMFTestCase.TARGET_COMMON_SERVICES
- )
-
- build_exp_mock.assert_called_with('hbase-site', props_value_check, props_empty_check, props_read_check)
- put_structured_out_mock.assert_called_with({"securityState": "SECURED_KERBEROS"})
- cached_kinit_executor_mock.called_with('/usr/bin/kinit',
- self.config_dict['configurations']['hbase-env']['hbase_user'],
- security_params['hbase-site']['hbase.master.keytab.file'],
- security_params['hbase-site']['hbase.master.kerberos.principal'],
- self.config_dict['hostname'],
- '/tmp')
-
- # Testing that the exception throw by cached_executor is caught
- cached_kinit_executor_mock.reset_mock()
- cached_kinit_executor_mock.side_effect = Exception("Invalid command")
-
- try:
- self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hbase_master.py",
- classname = "HbaseMaster",
- command = "security_status",
- config_file="secured.json",
- stack_version = self.STACK_VERSION,
- target = RMFTestCase.TARGET_COMMON_SERVICES
- )
- except:
- self.assertTrue(True)
-
- # Testing with a security_params which doesn't contains hbase-site
- empty_security_params = {}
- cached_kinit_executor_mock.reset_mock()
- get_params_mock.reset_mock()
- put_structured_out_mock.reset_mock()
- get_params_mock.return_value = empty_security_params
-
- self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hbase_master.py",
- classname = "HbaseMaster",
- command = "security_status",
- config_file="secured.json",
- stack_version = self.STACK_VERSION,
- target = RMFTestCase.TARGET_COMMON_SERVICES
- )
- put_structured_out_mock.assert_called_with({"securityIssuesFound": "Keytab file or principal are not set property."})
-
- # Testing with not empty result_issues
- result_issues_with_params = {}
- result_issues_with_params['hbase-site']="Something bad happened"
-
- validate_security_config_mock.reset_mock()
- get_params_mock.reset_mock()
- validate_security_config_mock.return_value = result_issues_with_params
- get_params_mock.return_value = security_params
-
- self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hbase_master.py",
- classname = "HbaseMaster",
- command = "security_status",
- config_file="default.json",
- stack_version = self.STACK_VERSION,
- target = RMFTestCase.TARGET_COMMON_SERVICES
- )
- put_structured_out_mock.assert_called_with({"securityState": "UNSECURED"})
-
- # Testing with security_enable = false
- self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hbase_master.py",
- classname = "HbaseMaster",
- command = "security_status",
- config_file="secured.json",
- stack_version = self.STACK_VERSION,
- target = RMFTestCase.TARGET_COMMON_SERVICES
- )
- put_structured_out_mock.assert_called_with({"securityState": "UNSECURED"})
-
def test_upgrade_backup(self):
self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hbase_upgrade.py",
classname = "HbaseMasterUpgrade",
http://git-wip-us.apache.org/repos/asf/ambari/blob/712b3d21/ambari-server/src/test/python/stacks/2.0.6/HBASE/test_hbase_regionserver.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.0.6/HBASE/test_hbase_regionserver.py b/ambari-server/src/test/python/stacks/2.0.6/HBASE/test_hbase_regionserver.py
index 9bb0dd7..93f5d19 100644
--- a/ambari-server/src/test/python/stacks/2.0.6/HBASE/test_hbase_regionserver.py
+++ b/ambari-server/src/test/python/stacks/2.0.6/HBASE/test_hbase_regionserver.py
@@ -530,110 +530,6 @@ class TestHbaseRegionServer(RMFTestCase):
self.assertNoMoreResources()
-
- @patch("resource_management.libraries.functions.security_commons.build_expectations")
- @patch("resource_management.libraries.functions.security_commons.get_params_from_filesystem")
- @patch("resource_management.libraries.functions.security_commons.validate_security_config_properties")
- @patch("resource_management.libraries.functions.security_commons.cached_kinit_executor")
- @patch("resource_management.libraries.script.Script.put_structured_out")
- def test_security_status(self, put_structured_out_mock, cached_kinit_executor_mock, validate_security_config_mock, get_params_mock, build_exp_mock):
- # Test that function works when is called with correct parameters
-
- security_params = {
- 'hbase-site': {
- 'hbase.regionserver.keytab.file': '/path/to/hbase_keytab',
- 'hbase.regionserver.kerberos.principal': 'hbase_principal'
- }
- }
-
- result_issues = []
- props_value_check = {"hbase.security.authentication": "kerberos",
- "hbase.security.authorization": "true"}
- props_empty_check = ["hbase.regionserver.keytab.file",
- "hbase.regionserver.kerberos.principal"]
-
- props_read_check = ["hbase.regionserver.keytab.file"]
-
- get_params_mock.return_value = security_params
- validate_security_config_mock.return_value = result_issues
-
- self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hbase_regionserver.py",
- classname = "HbaseRegionServer",
- command = "security_status",
- config_file="secured.json",
- stack_version = self.STACK_VERSION,
- target = RMFTestCase.TARGET_COMMON_SERVICES
- )
-
- build_exp_mock.assert_called_with('hbase-site', props_value_check, props_empty_check, props_read_check)
- put_structured_out_mock.assert_called_with({"securityState": "SECURED_KERBEROS"})
- cached_kinit_executor_mock.called_with('/usr/bin/kinit',
- self.config_dict['configurations']['hbase-env']['hbase_user'],
- security_params['hbase-site']['hbase.regionserver.keytab.file'],
- security_params['hbase-site']['hbase.regionserver.kerberos.principal'],
- self.config_dict['hostname'],
- '/tmp')
-
- # Testing that the exception throw by cached_executor is caught
- cached_kinit_executor_mock.reset_mock()
- cached_kinit_executor_mock.side_effect = Exception("Invalid command")
-
- try:
- self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hbase_regionserver.py",
- classname = "HbaseRegionServer",
- command = "security_status",
- config_file="secured.json",
- stack_version = self.STACK_VERSION,
- target = RMFTestCase.TARGET_COMMON_SERVICES
- )
- except:
- self.assertTrue(True)
-
- # Testing with a security_params which doesn't contains hbase-site
- empty_security_params = {}
- cached_kinit_executor_mock.reset_mock()
- get_params_mock.reset_mock()
- put_structured_out_mock.reset_mock()
- get_params_mock.return_value = empty_security_params
-
- self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hbase_regionserver.py",
- classname = "HbaseRegionServer",
- command = "security_status",
- config_file="secured.json",
- stack_version = self.STACK_VERSION,
- target = RMFTestCase.TARGET_COMMON_SERVICES
- )
- put_structured_out_mock.assert_called_with({"securityIssuesFound": "Keytab file or principal are not set property."})
-
- # Testing with not empty result_issues
- result_issues_with_params = {
- 'hbase-site' : "Something bad happened"
- }
-
- validate_security_config_mock.reset_mock()
- get_params_mock.reset_mock()
- validate_security_config_mock.return_value = result_issues_with_params
- get_params_mock.return_value = security_params
-
- self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hbase_regionserver.py",
- classname = "HbaseRegionServer",
- command = "security_status",
- config_file="secured.json",
- stack_version = self.STACK_VERSION,
- target = RMFTestCase.TARGET_COMMON_SERVICES
- )
- put_structured_out_mock.assert_called_with({"securityState": "UNSECURED"})
-
- # Testing with security_enable = false
- self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hbase_regionserver.py",
- classname = "HbaseRegionServer",
- command = "security_status",
- config_file="default.json",
- stack_version = self.STACK_VERSION,
- target = RMFTestCase.TARGET_COMMON_SERVICES
- )
- put_structured_out_mock.assert_called_with({"securityState": "UNSECURED"})
-
def test_pre_upgrade_restart(self):
config_file = self.get_src_folder()+"/test/python/stacks/2.0.6/configs/default.json"
with open(config_file, "r") as f:
http://git-wip-us.apache.org/repos/asf/ambari/blob/712b3d21/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_datanode.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_datanode.py b/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_datanode.py
index 2cd35ab..5702b57 100644
--- a/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_datanode.py
+++ b/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_datanode.py
@@ -661,114 +661,3 @@ class TestDatanode(RMFTestCase):
self.assertEquals(
('hdfs dfsadmin -fs hdfs://ns1 -D ipc.client.connect.max.retries=5 -D ipc.client.connect.retry.interval=1000 -getDatanodeInfo 0.0.0.0:8010'),
mocks_dict['checked_call'].call_args_list[0][0][0])
-
- @patch("resource_management.libraries.functions.security_commons.build_expectations")
- @patch("resource_management.libraries.functions.security_commons.get_params_from_filesystem")
- @patch("resource_management.libraries.functions.security_commons.validate_security_config_properties")
- @patch("resource_management.libraries.functions.security_commons.cached_kinit_executor")
- @patch("resource_management.libraries.script.Script.put_structured_out")
- def test_security_status(self, put_structured_out_mock, cached_kinit_executor_mock, validate_security_config_mock, get_params_mock, build_exp_mock):
- # Test that function works when is called with correct parameters
-
- security_params = {
- 'core-site': {
- 'hadoop.security.authentication': 'kerberos'
- },
- 'hdfs-site': {
- 'dfs.datanode.keytab.file': 'path/to/datanode/keytab/file',
- 'dfs.datanode.kerberos.principal': 'datanode_principal'
- }
- }
-
- props_value_check = None
- props_empty_check = ['dfs.datanode.keytab.file',
- 'dfs.datanode.kerberos.principal']
- props_read_check = ['dfs.datanode.keytab.file']
-
- result_issues = []
-
- get_params_mock.return_value = security_params
- validate_security_config_mock.return_value = result_issues
-
- self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/datanode.py",
- classname = "DataNode",
- command = "security_status",
- config_file="secured.json",
- stack_version = self.STACK_VERSION,
- target = RMFTestCase.TARGET_COMMON_SERVICES
- )
-
- build_exp_mock.assert_called_with('hdfs-site', props_value_check, props_empty_check, props_read_check)
- put_structured_out_mock.assert_called_with({"securityState": "SECURED_KERBEROS"})
- cached_kinit_executor_mock.called_with('/usr/bin/kinit',
- self.config_dict['configurations']['hadoop-env']['hdfs_user'],
- security_params['hdfs-site']['dfs.datanode.keytab.file'],
- security_params['hdfs-site']['dfs.datanode.kerberos.principal'],
- self.config_dict['hostname'],
- '/tmp')
-
- # Testing when hadoop.security.authentication is simple
- security_params['core-site']['hadoop.security.authentication'] = 'simple'
-
- self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/datanode.py",
- classname = "DataNode",
- command = "security_status",
- config_file="secured.json",
- stack_version = self.STACK_VERSION,
- target = RMFTestCase.TARGET_COMMON_SERVICES
- )
-
- put_structured_out_mock.assert_called_with({"securityState": "UNSECURED"})
- security_params['core-site']['hadoop.security.authentication'] = 'kerberos'
-
- # Testing that the exception throw by cached_executor is caught
- cached_kinit_executor_mock.reset_mock()
- cached_kinit_executor_mock.side_effect = Exception("Invalid command")
-
- try:
- self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/datanode.py",
- classname = "DataNode",
- command = "security_status",
- config_file="secured.json",
- stack_version = self.STACK_VERSION,
- target = RMFTestCase.TARGET_COMMON_SERVICES
- )
- except:
- self.assertTrue(True)
-
- # Testing with a security_params which doesn't contains hdfs-site
- empty_security_params = {}
- empty_security_params['core-site'] = {}
- empty_security_params['core-site']['hadoop.security.authentication'] = 'kerberos'
- cached_kinit_executor_mock.reset_mock()
- get_params_mock.reset_mock()
- put_structured_out_mock.reset_mock()
- get_params_mock.return_value = empty_security_params
-
- self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/datanode.py",
- classname = "DataNode",
- command = "security_status",
- config_file="secured.json",
- stack_version = self.STACK_VERSION,
- target = RMFTestCase.TARGET_COMMON_SERVICES
- )
-
- put_structured_out_mock.assert_called_with({"securityIssuesFound": "Keytab file or principal are not set property."})
-
- # Testing with not empty result_issues
- result_issues_with_params = {}
- result_issues_with_params['hdfs-site']="Something bad happened"
-
- validate_security_config_mock.reset_mock()
- get_params_mock.reset_mock()
- validate_security_config_mock.return_value = result_issues_with_params
- get_params_mock.return_value = security_params
-
- self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/datanode.py",
- classname = "DataNode",
- command = "security_status",
- config_file="secured.json",
- stack_version = self.STACK_VERSION,
- target = RMFTestCase.TARGET_COMMON_SERVICES
- )
- put_structured_out_mock.assert_called_with({"securityState": "UNSECURED"})
http://git-wip-us.apache.org/repos/asf/ambari/blob/712b3d21/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_hdfs_client.py
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_hdfs_client.py b/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_hdfs_client.py
index 85098fa..fc80849 100644
--- a/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_hdfs_client.py
+++ b/ambari-server/src/test/python/stacks/2.0.6/HDFS/test_hdfs_client.py
@@ -88,106 +88,6 @@ class Test(RMFTestCase):
# for now, it's enough that <stack-selector-tool> is confirmed
- @patch("resource_management.libraries.functions.security_commons.build_expectations")
- @patch("resource_management.libraries.functions.security_commons.get_params_from_filesystem")
- @patch("resource_management.libraries.functions.security_commons.validate_security_config_properties")
- @patch("resource_management.libraries.functions.security_commons.cached_kinit_executor")
- @patch("resource_management.libraries.script.Script.put_structured_out")
- def test_security_status(self, put_structured_out_mock, cached_kinit_executor_mock, validate_security_config_mock, get_params_mock, build_exp_mock):
- # Test that function works when is called with correct parameters
-
- security_params = {
- 'core-site': {
- 'hadoop.security.authentication': 'kerberos'
- }
- }
-
- props_value_check = {"hadoop.security.authentication": "kerberos",
- "hadoop.security.authorization": "true"}
- props_empty_check = ["hadoop.security.auth_to_local"]
- props_read_check = None
-
- result_issues = []
-
- get_params_mock.return_value = security_params
- validate_security_config_mock.return_value = result_issues
-
- self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hdfs_client.py",
- classname = "HdfsClient",
- command = "security_status",
- config_file="secured.json",
- stack_version = self.STACK_VERSION,
- target = RMFTestCase.TARGET_COMMON_SERVICES
- )
-
- build_exp_mock.assert_called_with('core-site', props_value_check, props_empty_check, props_read_check)
- put_structured_out_mock.assert_called_with({"securityState": "SECURED_KERBEROS"})
- cached_kinit_executor_mock.called_with('/usr/bin/kinit',
- self.config_dict['configurations']['hadoop-env']['hdfs_user'],
- self.config_dict['configurations']['hadoop-env']['hdfs_user_keytab'],
- self.config_dict['configurations']['hadoop-env']['hdfs_user_principal_name'],
- self.config_dict['hostname'],
- '/tmp')
-
- # Testing that the exception throw by cached_executor is caught
- cached_kinit_executor_mock.reset_mock()
- cached_kinit_executor_mock.side_effect = Exception("Invalid command")
-
- try:
- self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hdfs_client.py",
- classname = "HdfsClient",
- command = "security_status",
- config_file="secured.json",
- stack_version = self.STACK_VERSION,
- target = RMFTestCase.TARGET_COMMON_SERVICES
- )
- except:
- self.assertTrue(True)
-
- # Testing when hadoop.security.authentication is simple
- security_params['core-site']['hadoop.security.authentication'] = 'simple'
-
- self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hdfs_client.py",
- classname = "HdfsClient",
- command = "security_status",
- config_file="secured.json",
- stack_version = self.STACK_VERSION,
- target = RMFTestCase.TARGET_COMMON_SERVICES
- )
-
- put_structured_out_mock.assert_called_with({"securityState": "UNSECURED"})
- security_params['core-site']['hadoop.security.authentication'] = 'kerberos'
-
- # Testing with not empty result_issues
- result_issues_with_params = {
- 'hdfs-site': "Something bad happened"
- }
-
- validate_security_config_mock.reset_mock()
- get_params_mock.reset_mock()
- validate_security_config_mock.return_value = result_issues_with_params
- get_params_mock.return_value = security_params
-
- self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hdfs_client.py",
- classname = "HdfsClient",
- command = "security_status",
- config_file="secured.json",
- stack_version = self.STACK_VERSION,
- target = RMFTestCase.TARGET_COMMON_SERVICES
- )
- put_structured_out_mock.assert_called_with({"securityState": "UNSECURED"})
-
- # Testing with empty hdfs_user_principal and hdfs_user_keytab
- self.executeScript(self.COMMON_SERVICES_PACKAGE_DIR + "/scripts/hdfs_client.py",
- classname = "HdfsClient",
- command = "security_status",
- config_file="default.json",
- stack_version = self.STACK_VERSION,
- target = RMFTestCase.TARGET_COMMON_SERVICES
- )
- put_structured_out_mock.assert_called_with({"securityState": "UNSECURED"})
-
-
@patch("resource_management.core.shell.call")
def test_pre_upgrade_restart_23(self, call_mock):
config_file = self.get_src_folder()+"/test/python/stacks/2.0.6/configs/default.json"